---
title: Requirements
weight: 110
description: >
  Requirements for running Inspektor Gadget.
---

## Kernel Requirements (per gadget)

Inspektor Gadget uses eBPF to obtain the insights it provides. The
different gadgets provided use different eBPF capabilities. The
capabilities available depend on the version of the kernel running in the
node, as well as whether or not the kernel has
[BTF](https://www.kernel.org/doc/html/latest/bpf/btf.html) enabled (via
`CONFIG_DEBUG_INFO_BTF=y`).

The gadgets implementation relies on Compile Once - Run Everywhere (CO-RE)
approach.
These tools need to have BTF information.
This information is collected from three different sources, a fallback mechanism
is implemented to try another source if the previous one was not available.

1. The kernel already exposes it through `/sys/kernel/btf/vmlinux`: the
   kernel was compiled with `CONFIG_DEBUG_INFO_BTF`).
2. It's available in the gadget container image: we ship the BTF
   information for some well known kernel versions using
   [BTFGen](https://github.com/kinvolk/btfgen).
3. It's downloaded from
   [BTFHub](https://github.com/aquasecurity/btfhub/).

In case your kernel does not support CO-RE, we advise you to use an older
version of Inspektor Gadget which provides BCC gadget like
[`v0.21.0-bcc`](https://github.com/inspektor-gadget/inspektor-gadget/pkgs/container/inspektor-gadget/133259356?tag=v0.21.0-bcc)

### Required Kernel Versions and `CONFIG_*`

This section summarizes the kernel versions and features that are required to
run the gadgets. This has been generated by testing different Ubuntu versions
and their shipped kernels, hence it's possible that some gadgets work in older
kernels than the one mentioned here.

All gadgets require the following:

1. `CONFIG_BPF=y`
2. `CONFIG_BPF_SYSCALL=y`.
3. `CONFIG_DEBUG_INFO_BTF=y` if the host kernel is not supported by BTFHub.

For all gadgets, the minimum kernel version and additional needed `CONFIG_*` are
listed in the following table:

| Gadget                   | Minimum Kernel          | Additional `CONFIG_*`   |
|--------------------------|-------------------------|-------------------------|
| `advise network-policy`  | U.U                     |                         |
| `advise seccomp-profile` | U.U                     |                         |
| `audit seccomp`          | 5.4                     | `KPROBES`               |
| `profile block-io`       | U.U                     |                         |
| `profile cpu`            | U.U                     |                         |
| `profile tcprtt`         | U.U                     | `KPROBES`               |
| `snapshot process`       | 5.10                    |                         |
| `snapshot socket`        | 5.10                    |                         |
| `top block-io`           | U.U                     | `KPROBES`               |
| `top file`               | 5.4                     | `KPROBES`               |
| `top tcp`                | U.U                     | `KPROBES`               |
| `trace bind`             | 5.4                     | `KPROBES`, `KRETPROBES` |
| `trace capabilities`     | U.U                     | `KPROBES`               |
| `trace dns`              | 5.4                     |                         |
| `trace exec`             | 5.4                     | `FTRACE_SYSCALLS`       |
| `trace fsslower`         | 5.4                     | `KPROBES`, `KRETPROBES` |
| `trace mount`            | U.U                     | `FTRACE_SYSCALLS`       |
| `trace oomkill`          | 5.4                     | `KPROBES`               |
| `trace open`             | 5.4                     | `FTRACE_SYSCALLS`       |
| `trace signal`           | 5.4                     | `FTRACE_SYSCALLS`       |
| `trace sni`              | U.U                     |                         |
| `trace tcp`              | U.U                     |                         |
| `trace tcpconnect`       | 5.8                     | `KPROBES`, `KRETPROBES` |
| `trace tcpdrop`          | 5.17                    |                         |
| `trace tcpretrans`       | 4.15                    |                         |
| `script`                 | [4.9][1]                |                         |
| `traceloop`              | 4.15                    | `KPROBES`               |

If the kernel version is U.U, it means we do not have this information at the
moment.

[1]: https://github.com/iovisor/bpftrace/blob/master/INSTALL.md#linux-kernel-requirements

## Kubernetes Platform Requirements

| Kubernetes platforms                                   | Support                                                                           |
|--------------------------------------------------------|-----------------------------------------------------------------------------------|
| Minikube                                               | ✔️                                                                                |
| AKS, EKS, GKS                                          | ✔️                                                                                |
| AWS Fargate, Azure Containers instances, GKE Autopilot | ❌ (see [#1320](https://github.com/inspektor-gadget/inspektor-gadget/issues/1320)) |
| OpenShift                                              | ✔️                                                                                |
| Talos                                                  | ✔️                                                                                |

## Container Runtime Requirements

| Orchestrator      | Container manager | Container runtime | Support                                                                           |
|-------------------|-------------------|-------------------|-----------------------------------------------------------------------------------|
| docker            | containerd        | runc              | ✔️                                                                                |
| nerdctl           | containerd        | runc              | ✔️                                                                                |
| Kubernetes        | containerd        | runc              | ✔️                                                                                |
| Kubernetes        | containerd        | wasm              | ❌ (see [#1899](https://github.com/inspektor-gadget/inspektor-gadget/issues/1899)) |
| Kubernetes        | containerd        | katacontainers    | ❌                                                                                 |
| Kubernetes        | CRI-O             | runc / crun       | Kubernetes v1.20+ (see [below](#CRI-O))                                           |
| Podman (root)     | podman            | runc / crun       | ✔️                                                                                |
| Podman (rootless) | podman            | runc / crun       | Only with Podman API enabled (see [below](#Podman-rootless))                      |

### CRI-O

We only support [CRI v1](https://github.com/kubernetes/cri-api/tree/master/pkg/apis/runtime/v1) meaning that
only [CRI-O](https://github.com/cri-o/cri-o) v1.20+ (compatible with Kubernetes v1.20+) is supported.

### Podman (rootless)

We use [Podman API](https://docs.podman.io/en/latest/markdown/podman-system-service.1.html) to trace containers. In case
we want trace rootless containers, we need to ensure that the Podman API is available via socket as:

```bash
$ systemctl start --user podman.socket
# use rootless Podman API socket i.e /run/user/USERID#/podman/podman.sock
$ sudo ig -r podman --podman-socketpath /run/user/$UID/podman/podman.sock list-containers
$ sudo ig -r podman --podman-socketpath /run/user/$UID/podman/podman.sock snapshot process
```
